A hacker group said to be associated with “Anonymous” followed through on a threat they made to leak information about “accounts of various companies around the world” by leaking passwords and usernames of 13,000 accounts at Amazon, PlayStation, XBox Live, Hulu Plus, Walmart, and other online retailers and entertainment services.
The group announced the leak, which included credit card numbers, expiration dates, and security codes, in a tweet the day after Christmas:
“For the lulz” is a phrase used on social media and in online forums to explain that an individual did something to be humourous or for personal enjoyment.
The data was released as a text file on the file-sharing site Ghostbin. The file has since been taken down, but the personal information of thousands of online customers was exposed to the public for a period of time. DailyDot has a list of all the companies affected by the data breach.
The group also linked to a site where a pirated copy of Sony’s The Interview could be downloaded.
Earlier in the week a self-described hacker group called Lizard Squad attacked the gaming networks of Sony and Microsoft, knocking the online gaming sites for XBox and Playstation Network offline for most of Christmas Day. The group also claimed responsibility for attacking Tor’s anonymous network system.
“Anonymous,” the loosely affiliated group of hackers that claims to be leaderless and without any organizational structure, fired back at Lizard Squad on Twitter, telling the group to “stand down. “Anonymous” said, “People need that service because of corrupt governments.”
It appears the attack on Tor was unsuccessful.
Tor Project statement on today's attack.
— The Tor Project (@torproject) December 26, 2014
— Anonymous (@YourAnonNews) December 27, 2014
These groups are working overtime to exert their dominance in the cyber universe and a lot of it is “for the lulz” — just for kicks, regardless of the collateral damage. Whether or not this mini-hacktivist war continues, it’s a good reminder to think about updating your online security because consumers will likely be caught in the crossfire if these groups continue to face off. If you have an account at one of the breached online sites, it would be a good idea to change your password and log in to minimize the risk of identity theft. You should also monitor your bank account and credit card accounts for unauthorized charges and consider how you can make your accounts more secure going forward.